Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

25812034f9...18.exe

windows7-x64

10

25812034f9...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    25812034f923f3ed5ae507e24c957193_JaffaCakes118

  • Size

    152KB

  • Sample

    240704-ltjhvavdnk

  • MD5

    25812034f923f3ed5ae507e24c957193

  • SHA1

    1ba320d9eb8384d4aa86945f32961c6bcbeb6336

  • SHA256

    99a4347e3077d4694403ff6e0e1df0e6edb0a565d539dc3d047e63ff0eaadae4

  • SHA512

    ca3b6683f45c5ad5da0b879427c547826ebb0e5b043b09ae7af6ac3606fe22f756d7a9b6364d4cadbefea3cc65ead4c2bb1f596d684fac574dded8af708f3c24

  • SSDEEP

    3072:yMGjPYYh0Zs+7DxNUbaxIcz93bOButK+Hog:m+7DxVh3bHYg

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      25812034f923f3ed5ae507e24c957193_JaffaCakes118

    • Size

      152KB

    • MD5

      25812034f923f3ed5ae507e24c957193

    • SHA1

      1ba320d9eb8384d4aa86945f32961c6bcbeb6336

    • SHA256

      99a4347e3077d4694403ff6e0e1df0e6edb0a565d539dc3d047e63ff0eaadae4

    • SHA512

      ca3b6683f45c5ad5da0b879427c547826ebb0e5b043b09ae7af6ac3606fe22f756d7a9b6364d4cadbefea3cc65ead4c2bb1f596d684fac574dded8af708f3c24

    • SSDEEP

      3072:yMGjPYYh0Zs+7DxNUbaxIcz93bOButK+Hog:m+7DxVh3bHYg

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks